1. Field of the Invention
The present invention relates to an authorization server system, a control method thereof, and a non-transitory computer-readable medium and, more particularly, to an access token deletion method when a plurality of services cooperate.
2. Description of the Related Art
In recent years, a plurality of services provided on the Internet can cooperate to provide new added value to users. On the other hand, the cooperation of a plurality of services poses some problems. For example, there is a risk of leaking user data or personal information because more information than the user intends is exchanged between the services. From the point of view of service providers, however, the mechanism of service cooperation should preferably be easy to implement.
Under these circumstances, a standard protocol called OAuth, which is designed to implement cooperation in authorization, has been developed. According to OAuth, for example, data of a user managed by a service A is accessible by an external service B that has received permission from the user. At this time, the service A clarifies the range accessible by the external service B and obtains the user's explicit authorization for the access by the external service B. This explicit granting of authorization by the user will be referred to as an “authorization operation”.
When the user performs the authorization operation, the external service B receives a token (to be referred to as an “authorization token” hereinafter) certifying that it has been granted access from the service A. From then on, by using the authorization token, subsequent access can be made on the authority of the user who gave the authorization, without the user's authentication information. Hence, the external service B, which obtained the authorization token when authorized by the user, is given a duty to manage the authorization token closely and properly.
OAuth 2.0 assumes that a user can disable an access token (see D. Hardt, “The OAuth 2.0 Authorization Framework”, [online], October 2012, IETF, [searched on Jul. 6, 2013], Internet <URL: http://tools.ietf.org/html/rfc6749>). Token revocation is the specification of a protocol configured to disable the various kinds of tokens defined by OAuth 2.0. It defines a request/response by which the client side disables an access token or refresh token issued based on OAuth 2.0. Depending on the implementation of the authorization server, it is also possible, for example, to disconnect a session or the like linked with the Authorization Code Grant at the same time. This specification is assumed to be used in use cases where various kinds of tokens are disabled from the client side, for example, upon release of service cooperation, logout, or resignation of service membership.
However, in some cases, an access token should not be deleted in an authorization flow like OAuth. This applies, for example, to a case where a token to be used for service cooperation within the same authentication domain is generated without user confirmation in a certain authorization flow. Here, the same authentication domain denotes a domain in which a server having authentication and authorization functions and a client application server providing a form service, a print service, or the like are connected to the same LAN, so that a problem such as information leakage hardly arises between the services. If a token necessary for service cooperation can be deleted within the same authentication domain, a data mismatch may occur at the time of cooperation. For example, when a print service and a form service cooperate and only the access token for the print service is disabled, the user can create a form but cannot print it.
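As an added illustration, not part of this patent's disclosure, the following Python sketch models an authorization server's revocation endpoint with the request/response shape of RFC 7009 (the OAuth 2.0 token revocation specification) and refuses to delete a token that was issued for cooperation within the same authentication domain without user confirmation, while still honouring revocation of a token granted to an external service by an authorization operation. The Token fields, service names and the error value are constructed for this example.

```python
from dataclasses import dataclass
from typing import Dict, Optional, Tuple


@dataclass
class Token:
    value: str
    token_type: str       # "access_token" or "refresh_token"
    client_id: str        # service holding the token, e.g. the print service
    user_confirmed: bool  # issued after the user's explicit authorization operation
    same_domain: bool     # issued for cooperation inside the same authentication domain


class AuthorizationServer:
    def __init__(self) -> None:
        self._tokens: Dict[str, Token] = {}

    def issue(self, token: Token) -> None:
        self._tokens[token.value] = token

    def is_valid(self, value: str) -> bool:
        return value in self._tokens

    def revoke(self, token: str, token_type_hint: Optional[str] = None) -> Tuple[int, dict]:
        """Handle a revocation request; parameter names follow RFC 7009.

        RFC 7009 answers 200 both on success and for an unknown token, so the
        endpoint does not reveal which token values exist. token_type_hint only
        speeds up lookup in real servers; this store is keyed by value.
        """
        tok = self._tokens.get(token)
        if tok is None:
            return 200, {}
        if tok.same_domain and not tok.user_confirmed:
            # Deleting this token would break the cooperating service (the user
            # could still create a form but no longer print it). The error value
            # is constructed: RFC 7009 defines no code for this situation.
            return 400, {"error": "same_domain_token_not_revocable"}
        del self._tokens[token]
        return 200, {}


def demo() -> Tuple[int, int, bool, bool]:
    """Constructed scenario: one in-domain print token, one external-service token."""
    srv = AuthorizationServer()
    srv.issue(Token("print-tok", "access_token", "print-service", user_confirmed=False, same_domain=True))
    srv.issue(Token("ext-tok", "access_token", "external-service-b", user_confirmed=True, same_domain=False))
    status_print, _ = srv.revoke("print-tok")
    status_ext, _ = srv.revoke("ext-tok", token_type_hint="access_token")
    return status_print, status_ext, srv.is_valid("print-tok"), srv.is_valid("ext-tok")
```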